DEVHIDE
Login Or Sign up

Splitting json in logstash pipeline

34 Views Asked by At

I am getting data in below format from one URL configured in logstash pipeline -

"_source": {
    "result": {
      "incident_state": "-5",
      "u_agent_name": "",
      "number": "XXXXX",
      "time_worked": "",
      "problem_id": "",
      "cause": "",
      ""assigned_to": {
        "link": "xyz.com",
        "value": "40b4f5df"
      }
    }
  }

and I want it to split like below -

    "_source": {
      "incident_state": "-5",
      "u_agent_name": "",
      "number": "XXXXX",
      "time_worked": "",
      "problem_id": "",
      "cause": "",
      ""assigned_to": {
        "link": "xyz.com",
        "value": "40b4f5df"
      }
   }

As I am new to it, I am stuck here badly and existing similar questions from stack overflow are not helpful or me. Kindly help me to achieve this. Thank you so much in advance.

logstash-filter
Original Q&A
1

There are 1 best solutions below

0
On

I recommend you to use json filter of logstash.

https://www.elastic.co/guide/en/logstash/current/plugins-filters-json.html

filter {
  # Split the "result" field into multiple objects, one for each key-value pair.
  json {
    source => "result"
    target => "_source"
  }
}

You can also use mutate, add field, rename fields. They are very useful.

Related Questions in LOGSTASH-FILTER

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.